nomisec
WORKING POC
1,128 stars
by Arinerron · local
https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit
This is a modified proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary files in the page cache. The exploit specifically targets /etc/passwd to set the root password to 'aaron' and then spawns a root shell, restoring the original /etc/passwd afterward.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · unprivileged user access · read access to target file
nomisec
WORKING POC
685 stars
by AlexisAhmed · local
https://github.com/AlexisAhmed/CVE-2022-0847-DirtyPipe-Exploits
This repository contains two proof-of-concept exploits for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing local privilege escalation by overwriting read-only files. The exploits demonstrate modifying /etc/passwd and hijacking SUID binaries.
Classification
Working Poc 100%
Target:
Linux kernel versions 5.8 and later (before patches)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · GCC for compilation
nomisec
WORKING POC
280 stars
by r1is · local
https://github.com/r1is/CVE-2022-0847
This repository contains a proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which allows overwriting any file contents in the page cache, even if the file is read-only or immutable. The exploit demonstrates privilege escalation by modifying the /etc/passwd file to gain root access without a password.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · Access to a local user account
nomisec
WORKING POC
89 stars
by Al1ex · local
https://github.com/Al1ex/CVE-2022-0847
This is a working proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing local privilege escalation by overwriting arbitrary files in the page cache. The exploit leverages uninitialized pipe_buffer.flags to bypass file permissions and write to read-only files.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 to 5.16.10, 5.15.24, 5.10.101
No auth needed
Prerequisites:
Local access to the target system · Linux kernel version 5.8 or later (unpatched)
nomisec
STUB
78 stars
by DataDog · poc
https://github.com/DataDog/dirtypipe-container-breakout-poc
This repository is a stub that redirects to another location for the actual Dirty Pipe (CVE-2022-0847) container escape PoC. No exploit code is present in this repository.
Target:
Linux Kernel (5.8 and later, before 5.16.11, 5.15.25, and 5.10.102)
No auth needed
Prerequisites:
Access to a vulnerable Linux system with unprivileged user access
nomisec
SCANNER
69 stars
by basharkey · poc
https://github.com/basharkey/CVE-2022-0847-dirty-pipe-checker
This repository contains a bash script to check if a Linux kernel is vulnerable to CVE-2022-0847 (Dirty Pipe). It compares kernel versions against known vulnerable ranges and outputs whether the system is vulnerable or not.
Classification
Scanner 100%
Target:
Linux Kernel (versions 5.8 to 5.16.10, 5.15.25, 5.10.102, etc.)
No auth needed
Prerequisites:
Access to the target system to run the script
nomisec
WORKING POC
58 stars
by ZZ-SOCMAP · poc
https://github.com/ZZ-SOCMAP/CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary file contents in the page cache, even on read-only files or immutable files. The exploit modifies /etc/passwd to add a password for the root user and then spawns a shell.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · ability to execute binary on the target system
nomisec
WORKING POC
51 stars
by bbaranoff · local
https://github.com/bbaranoff/CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary file contents in the page cache, bypassing file permissions and read-only mounts.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · ability to execute code on the target system
nomisec
WORKING POC
49 stars
by febinrev · poc
https://github.com/febinrev/dirtypipez-exploit
This is a functional exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite read-only files, including SUID binaries, to escalate privileges to root. The PoC injects shellcode into a target binary, spawns a root shell, and attempts to restore the original binary.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 and later
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Presence of a SUID binary to hijack
nomisec
WORKING POC
46 stars
by knqyf263 · poc
https://github.com/knqyf263/CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which allows arbitrary file overwrites by leveraging a vulnerability in the Linux kernel's pipe mechanism. The exploit demonstrates modifying the /etc/passwd file to achieve privilege escalation.
Classification
Working Poc 100%
Target:
Linux kernel (versions 5.8 through 5.16.11, 5.15.25, and 5.10.102)
No auth needed
Prerequisites:
Access to a vulnerable Linux system · Ability to execute binaries
nomisec
WORKING POC
34 stars
by greenhandatsjtu · poc
https://github.com/greenhandatsjtu/CVE-2022-0847-Container-Escape
This repository contains a working proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), demonstrating container escape by overwriting read-only files on the host system. The exploit leverages the `CAP_DAC_READ_SEARCH` capability to bypass file read permissions and uses `splice()` to overwrite target files.
Classification
Working Poc 100%
Target:
Linux Kernel (versions affected by CVE-2022-0847)
No auth needed
Prerequisites:
Container with `CAP_DAC_READ_SEARCH` capability · Vulnerable Linux kernel (CVE-2022-0847)
nomisec
WORKING POC
29 stars
by airbus-cert · poc
https://github.com/airbus-cert/dirtypipe-ebpf_detection
This repository contains an eBPF-based detection tool for CVE-2022-0847 (Dirty Pipe), which monitors splice syscalls to identify exploitation attempts. It uses kernel tracepoints to detect suspicious pipe operations and logs events for analysis.
Classification
Working Poc 95%
Target:
Linux Kernel (versions affected by CVE-2022-0847)
No auth needed
Prerequisites:
Linux kernel vulnerable to CVE-2022-0847 · eBPF support in the kernel · root privileges to load eBPF programs
nomisec
WORKING POC
26 stars
by chenaotian · poc
https://github.com/chenaotian/CVE-2022-0847
This repository contains a working proof-of-concept exploit for CVE-2022-0847, also known as the 'Dirty Pipe' vulnerability in the Linux kernel. The exploit leverages an uninitialized variable in the `copy_page_to_iter_pipe` function to achieve local privilege escalation by overwriting arbitrary read-only files.
Classification
Working Poc 95%
Target:
Linux kernel versions 5.8 to 5.16.11, 5.15.25, and 5.10.102
No auth needed
Prerequisites:
Access to a vulnerable Linux kernel version · Ability to compile and run C code on the target system
nomisec
WORKING POC
21 stars
by ahrixia · poc
https://github.com/ahrixia/CVE_2022_0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), a Linux kernel privilege escalation vulnerability. It leverages uninitialized pipe_buffer.flags to overwrite arbitrary file contents in the page cache, even on read-only files or mounts.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · ability to execute binary on target system
nomisec
WORKING POC
15 stars
by breachnix · poc
https://github.com/breachnix/dirty-pipe-poc
This repository contains a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which allows overwriting read-only files by leveraging an uninitialized pipe_buffer.flags variable in Linux kernels 5.8 to 5.16.10, 5.15.24, or 5.10.101.
Classification
Working Poc 100%
Target:
Linux Kernel (5.8 <= version < 5.16.11, 5.15.25, or 5.10.102)
No auth needed
Prerequisites:
Linux kernel within vulnerable version range · Ability to execute binaries on the target system
nomisec
WORKING POC
12 stars
by 0xIronGoat · poc
https://github.com/0xIronGoat/dirty-pipe
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary file contents in the page cache, even on read-only files or immutable files. The exploit demonstrates privilege escalation by modifying /etc/passwd to gain root access.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Access to a vulnerable Linux system with kernel >= 5.8 · Ability to compile and execute the exploit binary
nomisec
WORKING POC
12 stars
by n3rada · local
https://github.com/n3rada/DirtyPipe
This repository contains a functional exploit for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing arbitrary file writes. The exploit includes a modular C implementation with options to overwrite files like /etc/passwd for privilege escalation.
Classification
Working Poc 100%
Target:
Linux kernel (versions 5.8 and later, before 5.16.11, 5.15.25, and 5.10.102)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Compile the exploit with static linking
nomisec
WORKING POC
9 stars
by crusoe112 · local
https://github.com/crusoe112/DirtyPipePython
This is a Python-based exploit for CVE-2022-0847 (DirtyPipe), which leverages the Linux kernel vulnerability to overwrite read-only files (e.g., /etc/passwd, sudo, su) to escalate privileges to root. It combines techniques from existing PoCs and drops a setuid root shell.
Classification
Working Poc 95%
Target:
Linux Kernel (versions 5.8+ with unpatched DirtyPipe vulnerability)
No auth needed
Prerequisites:
Vulnerable Linux kernel (5.8+ without patch for CVE-2022-0847) · Ability to execute Python code on the target system
nomisec
WORKING POC
9 stars
by LudovicPatho · poc
https://github.com/LudovicPatho/CVE-2022-0847_dirty-pipe
This is a working proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe buffer flag to overwrite read-only files and escalate privileges by hijacking a SUID binary to spawn a root shell.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 and later
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Presence of a SUID binary to hijack
nomisec
WORKING POC
9 stars
by crowsec-edtech · poc
https://github.com/crowsec-edtech/Dirty-Pipe
This is a one-line exploit for CVE-2022-0847 (Dirty Pipe), which downloads a precompiled static binary from a GitHub repository, sets executable permissions, and runs it. The exploit leverages the Dirty Pipe vulnerability to achieve local privilege escalation.
Classification
Working Poc 90%
Target:
Linux Kernel (versions 5.8 and later, before 5.16.11, 5.15.25, and 5.10.102)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system
nomisec
WORKING POC
9 stars
by xndpxs · poc
https://github.com/xndpxs/CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which allows overwriting data in arbitrary read-only files by leveraging an uninitialized pipe_buffer.flags variable in the Linux kernel. The exploit demonstrates privilege escalation by injecting code into root processes.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Access to a vulnerable Linux system with kernel 5.8 or later · Ability to compile and execute the PoC
nomisec
WORKING POC
8 stars
by h4ckm310n · local
https://github.com/h4ckm310n/CVE-2022-0847-eBPF
This repository contains an eBPF-based detection and mitigation tool for CVE-2022-0847 (Dirty Pipe vulnerability). It monitors splice() system calls for malicious pipe buffer flags and kills offending processes while clearing page caches.
Classification
Working Poc 95%
Target:
Linux Kernel (5.8.0-25, Ubuntu 20.10)
No auth needed
Prerequisites:
Linux kernel with eBPF support · Clang and BPF toolchain · Root access for deployment
nomisec
WORKING POC
8 stars
by rexpository · poc
https://github.com/rexpository/linux-privilege-escalation
This repository contains two functional exploits for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing unprivileged users to overwrite read-only files and escalate privileges. Exploit 1 modifies /etc/passwd to gain a root shell, while Exploit 2 injects data into SUID process memory.
Classification
Working Poc 100%
Target:
Linux kernel versions before 5.16.11, 5.15.25, and 5.10.102
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · GCC for compilation
nomisec
WORKING POC
7 stars
by qwert419 · local
https://github.com/qwert419/linux-
This PoC exploits CVE-2022-0847 (Dirty Pipe) to overwrite arbitrary files by manipulating the pipe buffer flags, allowing privilege escalation by modifying /etc/passwd to add a backdoor root user.
Classification
Working Poc 95%
Target:
Linux kernel 5.8 <= version < 5.16.11 / 5.15.25 / 5.10.102
No auth needed
Prerequisites:
Unprivileged user access · Target system running a vulnerable kernel version
nomisec
WORKING POC
7 stars
by drapl0n · poc
https://github.com/drapl0n/dirtypipe
This is a functional exploit for CVE-2022-0847 (DirtyPipe), a Linux kernel vulnerability allowing local privilege escalation by overwriting data in read-only files. The PoC injects a small ELF binary into a SUID executable to gain root access.
Classification
Working Poc 100%
Target:
Linux kernel (versions 5.8 and later, before 5.16.11, 5.15.25, and 5.10.102)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Presence of a SUID binary to overwrite
nomisec
WORKING POC
6 stars
by arttnba3 · local
https://github.com/arttnba3/CVE-2022-0847
This repository contains a proof-of-concept (PoC) and exploit for CVE-2022-0847 (Dirty Pipe), demonstrating arbitrary file writes and privilege escalation via SUID binary overwriting. The exploit leverages pipe buffer manipulation to achieve root access.
Classification
Working Poc 95%
Target:
Linux kernel (5.8+)
No auth needed
Prerequisites:
Readable target file · Unpatched Linux kernel (5.8+)
nomisec
WORKING POC
6 stars
by Mustafa1986 · poc
https://github.com/Mustafa1986/CVE-2022-0847-DirtyPipe-Exploit
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages a Linux kernel vulnerability to overwrite arbitrary files via pipe manipulation. The exploit injects shellcode into a SUID binary (e.g., /usr/bin/su) to escalate privileges and spawn a root shell.
Classification
Working Poc 95%
Target:
Linux Kernel up to 5.10.101/5.15.24/5.16.10
Auth required
Prerequisites:
Local access to a vulnerable Linux system · Presence of a SUID binary to overwrite
nomisec
WORKING POC
5 stars
by yoeelingBin · poc
https://github.com/yoeelingBin/CVE-2022-0847-Container-Escape
This Go-based PoC exploits CVE-2022-0847 (Dirty Pipe) to achieve container escape by overwriting arbitrary files. It uses pipe manipulation and file handle brute-forcing to inject data into read-only files.
Classification
Working Poc 95%
Target:
Linux kernel (versions 5.8 to 5.16.11, 5.15.25, 5.10.102)
No auth needed
Prerequisites:
Unprivileged user access to a vulnerable Linux system · Target file must be readable by the attacker
nomisec
SCANNER
4 stars
by MrP1xel · poc
https://github.com/MrP1xel/CVE-2022-0847-dirty-pipe-kernel-checker
This repository contains a Python script that checks if a given Linux kernel version is vulnerable to CVE-2022-0847 (Dirty Pipe). It does not exploit the vulnerability but merely verifies version-based susceptibility.
Classification
Scanner 100%
Target:
Linux Kernel (versions before 5.8, 5.10.102, 5.15.25, and 5.16.11)
No auth needed
Prerequisites:
Knowledge of the target kernel version or local access to the system
nomisec
WORKING POC
4 stars
by 4luc4rdr5290 · poc
https://github.com/4luc4rdr5290/CVE-2022-0847
This exploit leverages CVE-2022-0847 (Dirty Pipe) to overwrite data in read-only files, specifically modifying /etc/passwd to add a backdoor root user with a known password. It then spawns a root shell to restore the original file and execute commands.
Classification
Working Poc 100%
Target:
Linux Kernel (5.8+)
No auth needed
Prerequisites:
Unprivileged user access · Linux kernel vulnerable to CVE-2022-0847
nomisec
WORKING POC
4 stars
by DanaEpp · poc
https://github.com/DanaEpp/pwncat_dirtypipe
This is a pwncat module that automates the exploitation of CVE-2022-0847 (dirtypipe) for local privilege escalation to root. It checks kernel vulnerability, compiles an exploit on the target, and executes it without requiring manual setup.
Classification
Working Poc 95%
Target:
Linux Kernel (versions 5.8 to 5.16.11, 5.15.25, 5.10.102)
Auth required
Prerequisites:
Access to a vulnerable Linux system · pwncat-cs installed on the attacker's machine
nomisec
WORKING POC
3 stars
by eduquintanilha · poc
https://github.com/eduquintanilha/CVE-2022-0847-DirtyPipe-Exploits
This repository contains two proof-of-concept exploits for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing local privilege escalation by overwriting read-only files or hijacking SUID binaries. The exploits are well-documented and include a compilation script for ease of use.
Classification
Working Poc 100%
Target:
Linux kernel versions 5.8 and later (before patches 5.16.11, 5.15.25, 5.10.102)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · GCC for compilation
nomisec
WORKING POC
3 stars
by nanaao · poc
https://github.com/nanaao/dirtyPipe-automaticRoot
This is a functional exploit for CVE-2022-0847 (Dirty Pipe), which allows local privilege escalation by injecting data into read-only files via pipe manipulation. The PoC includes an automatic root method that hijacks the /etc/passwd file to spawn a root shell.
Classification
Working Poc 100%
Target:
Linux Kernel (5.8+)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Python 3.10 or above
nomisec
WORKING POC
3 stars
by Shotokhan · poc
https://github.com/Shotokhan/cve_2022_0847_shellcode
This repository contains a Python script to generate shellcode for CVE-2022-0847, a Linux kernel vulnerability. The shellcode is designed to modify files (e.g., /etc/passwd) to achieve privilege escalation by exploiting the Dirty Pipe flaw.
Classification
Working Poc 95%
Target:
Linux kernel versions 5.8 to 5.16
No auth needed
Prerequisites:
Access to a vulnerable Linux kernel (5.8 <= X < 5.16) · Ability to execute arbitrary code on the target system
nomisec
WORKING POC
3 stars
by sa-infinity8888 · poc
https://github.com/sa-infinity8888/Dirty-Pipe-CVE-2022-0847
This is a working proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which allows arbitrary file overwrite by leveraging an uninitialized pipe_buffer.flags variable in the Linux kernel. The exploit modifies /etc/passwd to escalate privileges by injecting a password for the root user.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · ability to execute binary on the target system
nomisec
WORKING POC
3 stars
by EagleTube · local
https://github.com/EagleTube/CVE-2022-0847
This repository contains a modified Dirty Pipe (CVE-2022-0847) exploit that automates privilege escalation by hijacking a SUID binary to spawn a root shell. It includes two C files (`dirty.c` and `dirtypipe2.c`) that leverage the vulnerability to overwrite file contents in the page cache, even on read-only files or immutable files.
Classification
Working Poc 95%
Target:
Linux Kernel (5.8 and later, including 5.10, 5.15, 5.16)
No auth needed
Prerequisites:
Access to a vulnerable Linux system with kernel versions 5.8 or later · Presence of a SUID binary to hijack
nomisec
WORKING POC
2 stars
by jpts · poc
https://github.com/jpts/CVE-2022-0847-DirtyPipe-Container-Breakout
This repository contains a functional PoC for CVE-2022-0847 (DirtyPipe), demonstrating container breakout by exploiting a Linux kernel vulnerability to overwrite read-only files. The exploit modifies `/proc/self/exe` to inject a malicious payload, achieving privilege escalation.
Classification
Working Poc 95%
Target:
Linux Kernel (versions 5.8 through 5.16.11, 5.15.25, and 5.10.102)
No auth needed
Prerequisites:
Unprivileged user access within a container · Linux kernel vulnerable to CVE-2022-0847
nomisec
WORKING POC
2 stars
by puckiestyle · poc
https://github.com/puckiestyle/CVE-2022-0847
This repository contains a working proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which allows overwriting any file contents in the page cache, even on read-only files or mounts. The exploit includes both a shell script and a C program to demonstrate privilege escalation by modifying the /etc/passwd file or hijacking a SUID binary.
Classification
Working Poc 95%
Target:
Linux kernel versions 5.8 to 5.15
No auth needed
Prerequisites:
Linux kernel version 5.8 or later · Access to a local user account
nomisec
WORKING POC
2 stars
by dadhee · local
https://github.com/dadhee/CVE-2022-0847_DirtyPipeExploit
This is a modified version of Max Kellermann's Dirty Pipe (CVE-2022-0847) exploit that overwrites the root password in /etc/passwd to gain a root shell. It backs up the original file and restores it after exploitation.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · unprivileged user access · read access to /etc/passwd
nomisec
SCANNER
2 stars
by mhanief · poc
https://github.com/mhanief/dirtypipe
This repository contains a detection script for CVE-2022-0847 (Dirty Pipe), which checks if the system's kernel version is vulnerable. It does not include an exploit but provides a list of vulnerable kernel versions and references.
Classification
Scanner 95%
Target:
Linux Kernel (specific versions listed in script)
No auth needed
Prerequisites:
Access to the system to run the script
nomisec
WORKING POC
2 stars
by cspshivam · poc
https://github.com/cspshivam/CVE-2022-0847-dirty-pipe-exploit
This is a functional exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary files in the page cache, even on read-only mounts. It modifies /etc/passwd to add a backdoor root user with a known password.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 and later
No auth needed
Prerequisites:
Linux Kernel 5.8+ · unprivileged user access
nomisec
WORKING POC
2 stars
by CYB3RK1D · poc
https://github.com/CYB3RK1D/CVE-2022-0847-POC
This PoC exploits CVE-2022-0847 (Dirty Pipe) to overwrite data in read-only files by manipulating the Linux kernel's pipe buffer handling. It uses splice() and write() to inject arbitrary payloads into non-writable files.
Classification
Working Poc 95%
Target:
Linux Kernel (5.8 and later, before 5.16.11, 5.15.25, and 5.10.102)
No auth needed
Prerequisites:
Read access to the target file · Ability to execute code on the target system
nomisec
WRITEUP
2 stars
by ihenakaarachchi · poc
https://github.com/ihenakaarachchi/debian11-dirty_pipe-patcher
This repository provides a script to patch the Dirty Pipe vulnerability (CVE-2022-0847) by compiling and installing Linux kernel 5.18 on Debian 11. It includes instructions and dependencies for manual kernel compilation.
Classification
Writeup 90%
Target:
Linux Kernel 5.10 (Debian 11)
Auth required
Prerequisites:
sudo permissions · Debian 11 with vulnerable kernel · internet access for dependencies
nomisec
WORKING POC
2 stars
by gyaansastra · local
https://github.com/gyaansastra/CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (DirtyPipe), which allows overwriting data in read-only files by leveraging an uninitialized pipe_buffer.flags variable in the Linux kernel. The exploit demonstrates arbitrary file modification even on immutable or read-only mounted files.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · ability to execute code on the target system
nomisec
WORKING POC
2 stars
by byteReaper77 · local
https://github.com/byteReaper77/Dirty-Pipe
This repository contains a functional Proof of Concept (PoC) exploit for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability affecting versions 5.8 to 5.16. The exploit manipulates pipe buffers to overwrite read-only files, such as SUID binaries, to achieve local privilege escalation.
Classification
Working Poc 95%
Target:
Linux kernel versions 5.8 to 5.16
No auth needed
Prerequisites:
Access to a vulnerable Linux system (kernel 5.8 to 5.16) · Presence of a SUID binary for exploitation
nomisec
WORKING POC
2 stars
by JlSakuya · local
https://github.com/JlSakuya/CVE-2022-0847-container-escape
This exploit leverages CVE-2022-0847 (Dirty Pipe) to overwrite the runC binary in a container, injecting shellcode to achieve container escape. It uses the Dirty Pipe vulnerability to modify the entry point of the runC executable, allowing arbitrary command execution outside the container.
Classification
Working Poc 95%
Target:
Linux kernel (Dirty Pipe vulnerability) and runC
No auth needed
Prerequisites:
Access to a vulnerable Linux kernel (5.8 < 5.16.11, 5.15 < 5.15.25, 5.10 < 5.10.102) · Container environment using runC · Ability to compile and execute the exploit within the container
nomisec
WORKING POC
2 stars
by mutur4 · local
https://github.com/mutur4/CVE-2022-0847
This is a functional exploit for CVE-2022-0847 (Dirty Pipe), which leverages a Linux kernel vulnerability to overwrite data in read-only files, specifically targeting /etc/passwd to achieve local privilege escalation (LPE). The PoC includes kernel version checks and a backup/restore mechanism for the passwd file.
Classification
Working Poc 95%
Target:
Linux Kernel (versions 5.8+ up to 5.16.11, 5.15.25, 5.10.102)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Compilation of the exploit binary
nomisec
WORKING POC
2 stars
by Gustavo-Nogueira · local
https://github.com/Gustavo-Nogueira/Dirty-Pipe-Exploits
This repository contains three proof-of-concept exploits for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing local privilege escalation by overwriting read-only files via improper pipe buffer flag handling.
Classification
Working Poc 100%
Target:
Linux kernel versions 5.8 to 5.16.11
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Kernel version between 5.8 and 5.16.11
nomisec
WORKING POC
2 stars
by VinuKalana · local
https://github.com/VinuKalana/DirtyPipe-CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary files in the page cache, even on read-only mounts or immutable files. The exploit hijacks a SUID binary to spawn a root shell and attempts to restore the original binary afterward.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · Presence of a SUID binary to hijack
nomisec
WORKING POC
2 stars
by tmoneypenny · local
https://github.com/tmoneypenny/CVE-2022-0847
This is a Rust implementation of the Dirty Pipe exploit (CVE-2022-0847), which allows overwriting arbitrary files in the page cache by leveraging an uninitialized pipe_buffer.flags variable. It demonstrates privilege escalation by modifying read-only files, such as /root/.ssh/authorized_keys.
Classification
Working Poc 95%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · ability to execute code on the target system
nomisec
WORKING POC
2 stars
by zzzchuu · poc
https://github.com/zzzchuu/Dirty-Pipe
This repository contains a working proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), demonstrating privilege escalation by overwriting read-only files and injecting shellcode into SUID binaries to gain a root shell.
Classification
Working Poc 100%
Target:
Linux Kernel >=5.8, <5.16.11, 5.15.25 and 5.10.102
No auth needed
Prerequisites:
Access to a vulnerable Linux kernel version · Ability to execute binaries on the target system
nomisec
WORKING POC
1 stars
by 0xeremus · local
https://github.com/0xeremus/dirty-pipe-poc
This is a Python-based PoC exploit for CVE-2022-0847 (Dirty Pipe), which leverages a Linux kernel vulnerability to overwrite arbitrary files and escalate privileges by adding the current user to the sudo group. The exploit corrupts the /etc/group file and backs it up to /tmp/group_backup.
Classification
Working Poc 100%
Target:
Linux Kernel (5.8+)
No auth needed
Prerequisites:
Linux system with vulnerable kernel (5.8+) · Python 3.10
nomisec
WORKING POC
1 stars
by scopion · poc
https://github.com/scopion/dirty-pipe
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), demonstrating arbitrary file overwrite via uninitialized pipe_buffer.flags in Linux kernel 5.8+. It modifies /etc/passwd to remove the root password for privilege escalation.
Classification
Working Poc 100%
Target:
Linux kernel 5.8+
No auth needed
Prerequisites:
Linux kernel 5.8+ · unprivileged user access · readable target file
nomisec
SCANNER
1 stars
by muhammad1596 · poc
https://github.com/muhammad1596/CVE-2022-0847-dirty-pipe-checker
This repository contains a bash script to check for CVE-2022-0847 (Dirty Pipe) vulnerability in Linux kernels. It verifies kernel versions against known vulnerable ranges and outputs whether the system is potentially vulnerable.
Classification
Scanner 100%
Target:
Linux kernel versions 5.8 to 5.16.10, 5.15.24 and below, 5.10.101 and below
No auth needed
Prerequisites:
Access to the target system to run the script
nomisec
SCANNER
1 stars
by realbatuhan · poc
https://github.com/realbatuhan/dirtypipetester
This repository contains a shell script to check if a Linux kernel is vulnerable to CVE-2022-0847 (Dirty Pipe). It compares the kernel version against known vulnerable versions and outputs whether the system is affected.
Classification
Scanner 100%
Target:
Linux Kernel (versions < 5.8, 5.10.102, 5.10.92, 5.15.25, and others)
No auth needed
Prerequisites:
Access to the target system to run the script
nomisec
WORKING POC
1 stars
by lucksec · local
https://github.com/lucksec/CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), demonstrating arbitrary file overwrite in the page cache by leveraging uninitialized pipe_buffer.flags. It allows privilege escalation by injecting data into read-only files.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 to 5.16.10, 5.15.24, 5.10.101
No auth needed
Prerequisites:
Linux system with vulnerable kernel · ability to execute binary
nomisec
WORKING POC
1 stars
by b4dboy17 · local
https://github.com/b4dboy17/Dirty-Pipe-Oneshot
This is a functional exploit for CVE-2022-0847 (Dirty Pipe), which allows arbitrary file overwrites on Linux systems by manipulating the pipe buffer flags. The PoC demonstrates privilege escalation by modifying /etc/passwd to add a root user.
Classification
Working Poc 100%
Target:
Linux Kernel (5.8+)
No auth needed
Prerequisites:
Access to a vulnerable Linux system with kernel >= 5.8
nomisec
WORKING POC
1 stars
by joeymeech · local
https://github.com/joeymeech/CVE-2022-0847-Exploit-Implementation
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages the vulnerability to modify read-only files (e.g., /etc/pam.d/su) to bypass authentication and execute a reverse shell via socat.
Classification
Working Poc 100%
Target:
Linux kernel versions 5.8 to 5.16.10, 5.15.24, and 5.10.101
No auth needed
Prerequisites:
Linux kernel vulnerable to CVE-2022-0847 · Ability to execute arbitrary code on the target system
nomisec
WORKING POC
1 stars
by Mephierr · local
https://github.com/Mephierr/DirtyPipe_exploit
This is a functional exploit for CVE-2022-0847 (DirtyPipe), which leverages improper input validation in the Linux kernel's pipe mechanism to overwrite data in read-only files. The PoC modifies /etc/passwd to add a backdoor user with root privileges.
Classification
Working Poc 95%
Target:
Linux kernel versions 5.8 through 5.16.11, 5.15.25, and 5.10.102
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Ability to compile and execute C++ code
nomisec
WORKING POC
1 stars
by xiaoLvChen · local
https://github.com/xiaoLvChen/CVE-2022-0847
This repository contains a functional exploit for CVE-2022-0847 (Dirty Pipe), which allows overwriting data in read-only files by leveraging an uninitialized pipe_buffer.flags variable. The script automates the process of modifying /etc/passwd to remove the root password, enabling privilege escalation.
Classification
Working Poc 100%
Target:
Linux kernel 5.8+
No auth needed
Prerequisites:
Linux kernel 5.8 or later · gcc for compilation · read access to target file
nomisec
WORKING POC
1 stars
by Turzum · local
https://github.com/Turzum/ps-lab-cve-2022-0847
This repository contains a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which allows overwriting arbitrary files in the page cache, even on read-only mounts or immutable files. The exploit leverages an uninitialized pipe_buffer.flags variable in Linux kernels 5.8 and later.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8+
No auth needed
Prerequisites:
Linux kernel 5.8 or later · Access to a vulnerable system
nomisec
WORKING POC
1 stars
by karanlvm · local
https://github.com/karanlvm/DirtyPipe-Exploit
This repository contains a working exploit for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing local privilege escalation by overwriting read-only files via improper pipe buffer handling. The exploit demonstrates modifying /etc/passwd to gain root access.
Classification
Working Poc 95%
Target:
Linux kernel versions 5.8 to 5.16.10, 5.15.24, and 5.10.101
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · GCC for compilation
nomisec
WORKING POC
1 stars
by mrchucu1 · local
https://github.com/mrchucu1/CVE-2022-0847-Docker
This repository contains a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), demonstrating privilege escalation by overwriting arbitrary read-only files in the Linux kernel. The exploit is packaged in a Docker environment for safe testing and educational purposes.
Classification
Working Poc 100%
Target:
Linux kernel versions 5.8 and later
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Docker for safe testing environment
nomisec
WORKING POC
1 stars
by ITMarcin2211 · poc
https://github.com/ITMarcin2211/CVE-2022-0847-DirtyPipe-Exploit
This is a modified proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary files in the page cache. The exploit specifically targets /etc/passwd to set the root password to 'aaron' and then spawns a root shell.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · unprivileged user access
nomisec
WORKING POC
by notl0cal · local
https://github.com/notl0cal/dpipe
This is a functional exploit for CVE-2022-0847 (Dirty Pipe), which leverages a Linux kernel vulnerability to overwrite arbitrary files in the page cache. The PoC modifies /etc/passwd or /etc/group to escalate privileges to root.
Classification
Working Poc 95%
Target:
Linux Kernel (versions 5.8+)
No auth needed
Prerequisites:
Unprivileged user access · Target file must be in page cache
nomisec
STUB
by jonathanbest7 · poc
https://github.com/jonathanbest7/cve-2022-0847
The repository contains only a README.md file with minimal content, lacking any exploit code or technical details. It appears to be a placeholder or incomplete submission.
Target:
unknown
No auth needed
nomisec
WORKING POC
by edsonjt81 · local
https://github.com/edsonjt81/CVE-2022-0847-DirtyPipe-
This repository contains two proof-of-concept exploits for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing local privilege escalation by overwriting read-only files or hijacking SUID binaries. The exploits are written in C and include a compilation script.
Classification
Working Poc 100%
Target:
Linux kernel versions 5.8 and later (before patches 5.16.11, 5.15.25, 5.10.102)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · GCC for compilation
nomisec
WORKING POC
by JustinYe377 · poc
https://github.com/JustinYe377/CTF-CVE-2022-0847
This repository provides a proof-of-concept for CVE-2022-0847 (Dirty Pipe), demonstrating how to overwrite a read-only file by exploiting a vulnerability in the Linux kernel's pipe mechanism. It includes setup instructions, a script to generate the target file, and a verification script.
Classification
Working Poc 90%
Target:
Linux Kernel 5.8 to 5.16.10, 5.15.24, 5.10.101
No auth needed
Prerequisites:
Linux kernel version 5.8 or later (unpatched) · gcc for compiling exploit code · read permissions on the target file
nomisec
WORKING POC
by DataFox · local
https://github.com/DataFox/CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary file contents in the page cache, bypassing file permissions and read-only mounts. The exploit demonstrates privilege escalation by modifying sensitive files like /root/.ssh/authorized_keys.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · Ability to execute code on the target system
nomisec
WORKING POC
by pmihsan · local
https://github.com/pmihsan/Dirty-Pipe-CVE-2022-0847
This repository contains two proof-of-concept exploits for CVE-2022-0847 (Dirty Pipe), demonstrating arbitrary file overwrite via uninitialized pipe_buffer.flags. The first PoC (poc.c) writes arbitrary data to any file, while the second (dirtypipe.c) hijacks a SUID binary to spawn a root shell.
Classification
Working Poc 100%
Target:
Linux kernel 5.8+
No auth needed
Prerequisites:
Linux kernel 5.8 or later · Access to a file with restricted permissions
nomisec
WORKING POC
by ajith737 · local
https://github.com/ajith737/Dirty-Pipe-CVE-2022-0847-POCs
This repository contains two proof-of-concept exploits for CVE-2022-0847 (Dirty Pipe), demonstrating arbitrary file overwrite via uninitialized pipe_buffer.flags in Linux kernel 5.8+. PoC1 writes data to any file, while PoC2 hijacks a SUID binary to spawn a root shell.
Classification
Working Poc 100%
Target:
Linux kernel 5.8+
No auth needed
Prerequisites:
Linux kernel 5.8+ · unprivileged user access
nomisec
WORKING POC
by Greetdawn · poc
https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe
This repository contains a working proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing arbitrary read-only file modification and local privilege escalation. The exploit leverages uninitialized pipe_buffer.flags to overwrite data in the page cache.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later (before 5.16.11, 5.15.25, 5.10.102)
No auth needed
Prerequisites:
Access to a vulnerable Linux system · Ability to compile and execute C code
nomisec
WORKING POC
by orsuprasad · local
https://github.com/orsuprasad/CVE-2022-0847-DirtyPipe-Exploits
This repository contains two proof-of-concept exploits for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing local privilege escalation by overwriting read-only files or hijacking SUID binaries. The exploits are derived from Max Kellermann's original research and include automated compilation and execution scripts.
Classification
Working Poc 100%
Target:
Linux kernel versions 5.8 and later (before patches 5.16.11, 5.15.25, 5.10.102)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · GCC for compilation · Read access to target files (e.g., /etc/passwd)
nomisec
WORKING POC
by tufanturhan · poc
https://github.com/tufanturhan/CVE-2022-0847-L-nux-PrivEsc
This is a working proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary files in the page cache, enabling local privilege escalation by modifying /etc/passwd.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Ability to compile and execute the exploit
nomisec
WORKING POC
by bohr777 · poc
https://github.com/bohr777/cve-2022-0847dirtypipe-exploit
This repository contains a proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which allows overwriting any file contents in the page cache, even if the file is read-only, immutable, or on a read-only mount. The exploit demonstrates privilege escalation by hijacking a SUID binary to spawn a root shell.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · Access to a SUID binary for privilege escalation
nomisec
WORKING POC
by nanaao · poc
https://github.com/nanaao/Dirtypipe-exploit
This repository contains a Proof of Concept (PoC) for the Dirty Pipe vulnerability (CVE-2022-0847), which exploits a flaw in the Linux kernel to overwrite data in read-only files. The PoC hijacks a SUID binary to spawn a root shell and attempts to restore the binary afterward.
Classification
Working Poc 90%
Target:
Linux Kernel (versions 5.8 and later)
No auth needed
Prerequisites:
Access to a vulnerable Linux system · Presence of a SUID binary to hijack
nomisec
WORKING POC
by 0xr1l3s · poc
https://github.com/0xr1l3s/CVE-2022-0847
This is a functional exploit for CVE-2022-0847 (Dirty Pipe), which leverages a Linux kernel vulnerability to overwrite arbitrary files, including SUID binaries, to achieve local privilege escalation (LPE). The PoC injects shellcode into a target binary to spawn a root shell and attempts to restore the original binary afterward.
Classification
Working Poc 100%
Target:
Linux Kernel (5.8 and later, before 5.16.11, 5.15.25, and 5.10.102)
No auth needed
Prerequisites:
Unprivileged user access on a vulnerable Linux system · Presence of a SUID binary to hijack
nomisec
WORKING POC
by ayushx007 · local
https://github.com/ayushx007/CVE-2022-0847-DirtyPipe-Exploits
This repository contains two proof-of-concept exploits for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing local privilege escalation by overwriting read-only files or hijacking SUID binaries. The exploits are derived from Max Kellermann's original research and include modifications to change the root password in /etc/passwd or inject data into SUID process memory.
Classification
Working Poc 100%
Target:
Linux kernel versions 5.8 and later (prior to 5.16.11, 5.15.25, 5.10.102)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · GCC for compilation
nomisec
WORKING POC
by solomon12354 · local
https://github.com/solomon12354/LockingGirl-----CVE-2022-0847-Dirty_Pipe_virus
This repository contains a functional exploit for CVE-2022-0847 (Dirty Pipe), which leverages a Linux kernel vulnerability to overwrite arbitrary files. The exploit modifies /etc/passwd to add a backdoor root user and includes a destructive payload that deletes files via `rm -rf / --no-preserve-root`.
Classification
Working Poc 95%
Target:
Linux Kernel 5.8+ (Ubuntu 20.04)
No auth needed
Prerequisites:
Unpatched Linux kernel (5.8+) · Ability to execute binary on target system
nomisec
WORKING POC
by xsxtw · local
https://github.com/xsxtw/CVE-2022-0847
This repository contains a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which allows overwriting data in arbitrary read-only files by leveraging an uninitialized pipe_buffer.flags variable in the Linux kernel. The exploit demonstrates privilege escalation by modifying /etc/passwd to gain root access.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · ability to execute code on the target system
nomisec
WORKING POC
by muhammad1596 · local
https://github.com/muhammad1596/CVE-2022-0847-DirtyPipe-Exploits
This repository contains two Python-based exploits for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing local privilege escalation. The exploits demonstrate file modification (e.g., /etc/passwd) and SUID binary hijacking to gain root access.
Classification
Working Poc 95%
Target:
Linux kernel versions 5.8 to 5.16.11, 5.15.25, 5.10.102
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Python 3.x · GCC for compilation
nomisec
WORKING POC
by mithunmadhukuttan · local
https://github.com/mithunmadhukuttan/Dirty-Pipe-Exploit
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), demonstrating arbitrary file overwrite via a Linux kernel pipe mechanism flaw, leading to privilege escalation by modifying /etc/passwd.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8+
No auth needed
Prerequisites:
Unpatched Linux kernel (5.8+) · Unprivileged user access
nomisec
WRITEUP
by stfnw · poc
https://github.com/stfnw/Debugging_Dirty_Pipe_CVE-2022-0847
This repository contains a detailed technical analysis and presentation materials for debugging the Dirty Pipe vulnerability (CVE-2022-0847) in the Linux kernel. It includes references to the original PoC, patch analysis, and step-by-step explanations of the vulnerability mechanics.
Classification
Writeup 100%
Target:
Linux kernel versions 5.8 to 5.16.11
No auth needed
Prerequisites:
Access to a vulnerable Linux kernel version (5.8 to 5.16.11) · Ability to compile and run C code
nomisec
WRITEUP
by CPT-Jack-A-Castle · poc
https://github.com/CPT-Jack-A-Castle/CVE-2022-0847
This repository contains a README describing CVE-2022-0847, a Linux kernel vulnerability allowing arbitrary read-only file data overwrites, leading to privilege escalation. No exploit code is present, only a textual explanation.
Classification
Writeup 90%
Target:
Linux kernel >= 5.8
No auth needed
Prerequisites:
Unprivileged access to a vulnerable Linux system
nomisec
WRITEUP
by real-tim-johnston · poc
https://github.com/real-tim-johnston/megaquagga-pentest-report
This is a detailed penetration test report documenting an attack chain involving CVE-2022-0847 (DirtyPipe) for privilege escalation on a Debian system. The report includes technical steps, exploit methodology, and post-exploitation analysis.
Classification
Writeup 100%
Target:
Linux Kernel (6.8.0-31-generic)
No auth needed
Prerequisites:
Access to a vulnerable Linux kernel (pre-patch for CVE-2022-0847) · Local user access (e.g., via compromised WordPress plugin)
nomisec
WORKING POC
by osungjinwoo · poc
https://github.com/osungjinwoo/CVE-2022-0847-Dirty-Pipe
This repository provides a one-line exploit for CVE-2022-0847 (Dirty Pipe), which downloads and executes a precompiled static binary to exploit the vulnerability. The exploit leverages improper handling of pipe buffers in the Linux kernel to achieve local privilege escalation.
Classification
Working Poc 90%
Target:
Linux kernel versions 5.8 through 5.16.11, 5.15.25, and 5.10.102
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Ability to execute commands
nomisec
WORKING POC
by SimoesCTT · poc
https://github.com/SimoesCTT/Chrono-Drip-Temporal-Viscosity-Exploitation-Framework-CVE-2022-0847
This repository contains a proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe) enhanced with theoretical temporal viscosity mechanisms for persistence and stealth. The exploit leverages physics-based concepts like temporal resonance and fractal encoding to evade detection.
Classification
Working Poc 85%
Target:
Linux kernel (versions before 5.16.11, 5.15.25, 5.10.102)
No auth needed
Prerequisites:
Linux system with vulnerable kernel · compilation tools (gcc, make) · root access for temporal injection
nomisec
WORKING POC
by si1ent-le · poc
https://github.com/si1ent-le/CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), demonstrating arbitrary file overwrite in the page cache by leveraging uninitialized pipe_buffer.flags in Linux kernels 5.8 and later.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8+
No auth needed
Prerequisites:
Linux kernel 5.8 or later · ability to execute binary on target system
nomisec
WORKING POC
by morgenm · poc
https://github.com/morgenm/dirtypipe
This repository contains a Rust implementation of the DirtyPipe (CVE-2022-0847) exploit, which allows overwriting arbitrary files or SUID binaries to escalate privileges. It includes helper scripts to generate custom SUID payloads and verify kernel vulnerability.
Classification
Working Poc 95%
Target:
Linux Kernel 5.8-5.16 (specific vulnerable versions)
No auth needed
Prerequisites:
Vulnerable Linux kernel version · Ability to execute binaries on the target system
nomisec
WORKING POC
by stfnw · poc
https://github.com/stfnw/reproducer-poc-CVE-2022-0847
This repository contains a proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), demonstrating privilege escalation via pipe buffer manipulation. It includes both a differential fuzzing-based detector and a minimal handcoded reproducer.
Classification
Working Poc 95%
Target:
Linux Kernel 5.16.10 (and other vulnerable versions)
No auth needed
Prerequisites:
Vulnerable Linux kernel (5.8+ with pipe buffer corruption) · Unprivileged user access
nomisec
WORKING POC
by jxpsx · poc
https://github.com/jxpsx/CVE-2022-0847-DirtyPipe-Exploits
This repository contains two proof-of-concept exploits for CVE-2022-0847 (Dirty Pipe), demonstrating how to overwrite arbitrary file contents in the page cache, even on read-only files or immutable files. The exploits leverage an uninitialized pipe_buffer.flags variable to achieve privilege escalation.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 and later
No auth needed
Prerequisites:
Linux kernel 5.8 or later · Access to a local user account
nomisec
SCANNER
by ayushx007 · poc
https://github.com/ayushx007/CVE-2022-0847-dirty-pipe-checker
This script checks if a given Linux kernel version is vulnerable to CVE-2022-0847 (Dirty Pipe). It parses the kernel version and compares it against known vulnerable ranges.
Classification
Scanner 100%
Target:
Linux Kernel versions 5.8 to 5.10.102, 5.15.25, and others
No auth needed
Prerequisites:
Access to the target system's kernel version
nomisec
WORKING POC
by RogelioPumajulca · remote
https://github.com/RogelioPumajulca/CVE-2022-0847
This is a working exploit for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing local privilege escalation by overwriting arbitrary files in the page cache. The PoC hijacks a SUID binary to spawn a root shell and includes a mechanism to restore the damaged binary.
Classification
Working Poc 100%
Target:
Linux kernel 5.8 or later (fixed in 5.16.11, 5.15.25, 5.10.102)
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Presence of a SUID binary to hijack
nomisec
WORKING POC
by isaiahsimeone · poc
https://github.com/isaiahsimeone/COMP3320-VAPT
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary files in the page cache, achieving local privilege escalation by injecting shellcode into a setuid binary.
Classification
Working Poc 100%
Target:
Linux Kernel v5.8 and later
No auth needed
Prerequisites:
Linux Kernel 5.8 or later · Access to a setuid binary (e.g., /usr/bin/su)
nomisec
WORKING POC
by Shadow-Spinner · local
https://github.com/Shadow-Spinner/CVE-2022-0847
This exploit leverages CVE-2022-0847 (DirtyPipe) to overwrite the root password entry in /etc/passwd, effectively removing the password requirement for root access. It uses the splice() system call to inject a payload into the file via a pipe.
Classification
Working Poc 95%
Target:
Linux kernel versions 5.8 through 5.16.11, 5.15.25, and 5.10.102
No auth needed
Prerequisites:
Local access to the target system · Compilation with gcc
nomisec
WRITEUP
by bluedragonsecurity · poc
https://github.com/bluedragonsecurity/Linux-Kernel-Dirty-Pipe-Exploitation-Logic-Bug-
This repository contains a detailed writeup explaining the Dirty Pipe vulnerability (CVE-2022-0847) in Linux Kernel 5.8–5.15.24, focusing on the logic bug in the PIPE_BUF_FLAG_CAN_MERGE flag and its exploitation mechanics.
Classification
Writeup 100%
Target:
Linux Kernel 5.8–5.15.24
No auth needed
Prerequisites:
Access to a vulnerable Linux system with kernel versions 5.8–5.15.24
nomisec
WORKING POC
by V0WKeep3r · poc
https://github.com/V0WKeep3r/CVE-2022-0847-DirtyPipe-Exploit
This is a working exploit for CVE-2022-0847 (Dirty Pipe), which allows local privilege escalation by overwriting data in read-only files via uninitialized pipe buffer flags. The PoC hijacks a SUID binary to spawn a root shell and attempts to restore the original binary afterward.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 and later
No auth needed
Prerequisites:
Access to a vulnerable Linux system with kernel 5.8+ · Presence of a SUID binary to hijack
nomisec
STUB
by letsr00t · poc
https://github.com/letsr00t/CVE-2022-0847
The repository contains only a compile script for two exploit files (exploit-1.c and exploit-2.c) but lacks the actual exploit code. CVE-2022-0847 is a known Dirty Pipe vulnerability affecting Linux kernels.
Target:
Linux Kernel < 5.8, 5.10 < 5.16.11, 5.15 < 5.15.25, 5.10 < 5.10.102
No auth needed
Prerequisites:
Local access to a vulnerable Linux system
nomisec
WORKING POC
by githublihaha · poc
https://github.com/githublihaha/DirtyPIPE-CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary file contents in the page cache, enabling local privilege escalation by hijacking SUID binaries.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 to 5.16.11
No auth needed
Prerequisites:
Access to a vulnerable Linux system · Presence of a SUID binary to hijack
nomisec
WORKING POC
by edsonjt81 · poc
https://github.com/edsonjt81/CVE-2022-0847-Linux
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe_buffer.flags variable to overwrite arbitrary file contents in the page cache, even on read-only files or immutable files. The exploit modifies /etc/passwd to add a password for the root user and then spawns a root shell.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 and later
No auth needed
Prerequisites:
Linux Kernel 5.8 or later · Ability to execute binary on the target system
nomisec
WORKING POC
by babyshen · poc
https://github.com/babyshen/CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), which allows overwriting arbitrary files in the page cache by leveraging an uninitialized pipe_buffer.flags variable in the Linux kernel.
Classification
Working Poc 100%
Target:
Linux Kernel versions >= 5.8 and < 5.16.11 / 5.15.25 / 5.10.102
No auth needed
Prerequisites:
Access to a vulnerable Linux kernel · Ability to execute binary on the target system
nomisec
STUB
by Greetdawn · poc
https://github.com/Greetdawn/CVE-2022-0847-DirtyPipe-
The repository contains only a README.md file with minimal content, lacking any exploit code or technical details for CVE-2022-0847 (DirtyPipe).
Target:
Linux Kernel (versions affected by DirtyPipe)
No auth needed
Prerequisites:
None identified due to lack of content
nomisec
WORKING POC
by cypherlobo · local
https://github.com/cypherlobo/DirtyPipe-BSI
This is a modified Proof-of-Concept exploit for CVE-2022-0847 (Dirty Pipe), which overwrites the root password in `/etc/passwd` to gain a root shell. It includes a backup and restoration mechanism for `/etc/passwd`.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 and later
No auth needed
Prerequisites:
Linux system with kernel >= 5.8 · Access to a local user account
nomisec
WORKING POC
by pentestblogin · poc
https://github.com/pentestblogin/pentestblog-CVE-2022-0847
This is a functional proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), demonstrating arbitrary file overwrite in the page cache by leveraging an uninitialized pipe_buffer.flags variable. It allows writing to read-only files or immutable files by splicing data into the pipe and merging it into the target file's cache.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8+
No auth needed
Prerequisites:
Linux kernel 5.8 or later · Ability to execute code on the target system
nomisec
WORKING POC
by AyoubNajim · poc
https://github.com/AyoubNajim/cve-2022-0847dirtypipe-exploit
This repository contains a proof-of-concept exploit for CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing arbitrary file overwrites. The exploit leverages improper flag initialization in pipe buffers to inject data into read-only files, potentially leading to privilege escalation.
Classification
Working Poc 95%
Target:
Linux kernel versions 5.8 through 5.16.11, 5.15.25, and 5.10.102
No auth needed
Prerequisites:
Access to a vulnerable Linux system · Ability to execute binary code
nomisec
STUB
by Scouserr · poc
https://github.com/Scouserr/cve-2022-0847-poc-dockerimage
The repository contains only a README.md file with minimal content, lacking any functional exploit code or detailed proof-of-concept for CVE-2022-0847. It appears to be a placeholder or incomplete submission.
Target:
unknown
No auth needed
metasploit
WORKING POC
EXCELLENT
by Max Kellermann, timwr · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/cve_2022_0847_dirtypipe.rb
This Metasploit module exploits CVE-2022-0847 (Dirty Pipe), a Linux kernel vulnerability allowing arbitrary read-only file modifications. It overwrites a SUID binary with a payload, executes it for privilege escalation, and restores the original binary.
Classification
Working Poc 100%
Target:
Linux kernel versions 5.8 to 5.16.10, 5.15 to 5.15.24, and 5.10 to 5.10.101
No auth needed
Prerequisites:
Access to a vulnerable Linux system · Write permissions in a directory (default: /tmp) · Presence of a SUID binary (default: /bin/passwd)
vulncheck_xdb
WORKING POC
local
https://github.com/N1rv0us/kernel_exploitation
This repository contains a functional exploit for CVE-2022-0847, a Linux kernel vulnerability (Dirty Pipe). The exploit code demonstrates privilege escalation by manipulating kernel memory structures to gain root access.
Classification
Working Poc 95%
Target:
Linux Kernel (versions affected by CVE-2022-0847)
No auth needed
Prerequisites:
Linux system with vulnerable kernel · local user access
vulncheck_xdb
WORKING POC
local
https://github.com/siegfrkn/CSCI5403_CVE20220847_Detection
This repository contains a functional exploit for CVE-2022-0847 (Dirty Pipe), which allows privilege escalation by overwriting read-only files in the page cache. The exploit modifies '/etc/passwd' to gain root access, along with detection tools for monitoring such activities.
Classification
Working Poc 100%
Target:
Linux kernel 5.8+
Auth required
Prerequisites:
read access to target file · Linux kernel 5.8 or later
vulncheck_xdb
WORKING POC
local
https://github.com/ch1lL9uy/TTCS
This repository contains functional exploit code for CVE-2022-0847, demonstrating a kernel privilege escalation via a buffer overflow with Ret2usr and kernel ROP techniques. It includes scripts and C code to compile, run, and test the exploit in a QEMU environment.
Classification
Working Poc 95%
Target:
Linux Kernel (specific version not specified)
No auth needed
Prerequisites:
QEMU environment setup · vulnerable kernel module · specific kernel configuration
exploitdb
WORKING POC
by Lance Biggerstaff · clocallinux
https://www.exploit-db.com/exploits/50808
This exploit leverages CVE-2022-0847 (DirtyPipe) to overwrite arbitrary read-only files via uninitialized pipe_buffer.flags, enabling local privilege escalation by injecting a SUID binary with malicious ELF code.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 to 5.16.11
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Target file must be in page cache
vulncheck_xdb
WORKING POC
local
https://github.com/greenhandatsjtu/CVE-2022-0847
This repository contains a functional exploit for CVE-2022-0847 (Dirty Pipe) that demonstrates container escape by overwriting read-only files on the host. The exploit leverages the `CAP_DAC_READ_SEARCH` capability to bypass file permissions and uses `splice()` to overwrite target files.
Classification
Working Poc 100%
Target:
Linux Kernel (versions affected by CVE-2022-0847)
No auth needed
Prerequisites:
CAP_DAC_READ_SEARCH capability · access to a file mounted from the host
vulncheck_xdb
WORKING POC
local
https://github.com/LudovicPatho/CVE-2022-0847
This repository contains a functional exploit for CVE-2022-0847 (Dirty Pipe), which leverages an uninitialized pipe buffer flag to overwrite read-only files and escalate privileges. The PoC hijacks a SUID binary to spawn a root shell and includes shellcode for privilege escalation.
Classification
Working Poc 100%
Target:
Linux Kernel 5.8 and later
No auth needed
Prerequisites:
Local access to a vulnerable Linux system · Presence of a SUID binary to hijack